6118b86ade90cf606dd6e26e0a101842f7cf9faa3772c4fba76af08a23b28931 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6118b86ade90cf606dd6e26e0a101842f7cf9faa3772c4fba76af08a23b28931
Size

111KB
MD5

10c8e8921171ac234ae04ef91da9c8e0
SHA1

90a13b60d502f34816e162a8a64ca90584dd189b
SHA256

6118b86ade90cf606dd6e26e0a101842f7cf9faa3772c4fba76af08a23b28931
SHA512

c893baf48a6f4493dfffbdd85173a6f719074ffe4a52d6076423c0f378d52cbafcbef2656a194e672877d3902fbf51697eeb727d4925477c0532642ade363ee7
SSDEEP

1536:t95SD2vgR5GZogNAUo7bwcV/TX9CMvFyVaLGqK7BX+/1rAklfc8wayBCFZk:t9o2vvaWUw4CaLS7Budrrar4

Score

N/A

Malware Config

Signatures

Files

6118b86ade90cf606dd6e26e0a101842f7cf9faa3772c4fba76af08a23b28931
.exe windows x86

26e23b53f2ada841ad8db38dd510eb9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjects
lstrcmpiW
SetLastError
GetStdHandle
GetProcessHeap
DeleteFileA
OpenMutexA
GetModuleFileNameA
lstrcmpiW
CreateMailslotW
Sleep
GetModuleHandleA
GetLogicalDriveStringsW
lstrcmpiW
lstrlenA
IsValidLocale
lstrcmpiW
CreateNamedPipeW
FileTimeToLocalFileTime
lstrcmpiW
HeapCreate
GetDriveTypeW
GetVolumePathNameW

scecli

DeltaNotify
InitializeChangeNotify
SceOpenPolicy
SceSysPrep

Sections

.text
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ